UnRAID on VMWare ESXi with Raw Device Mapping

bryanr

By bryanr
in User Customizations

Recommended Posts

speeding_ant Community Regular

speeding_ant

Posted
Posted

So, at this point I'm just testing an UnRAID installation on my ESXi server before I consider migrating any data over to it....but I've run into an interesting problem/situation.

 

I had unRAID configured to use an old 500GB drive that I had around here + a 2TB "green" drive + another 2TB "green" drive for the parity drive.

 

Some data had already been copied to the 2TB drive from a previous UnRAID test, so I configured a new array and the parity check started.

 

While the parity check was running I threw some other trash/test data that I had onto the 500GB drive.

 

In the process of completing the parity check the 500GB drive finally died on me (it had been running hot, and I had had some issues with it, that is why I decided to use it as part of this test)

 

What was interesting to me is that after the drive died I was having problems accessing unRAID via the web interface or SMB share the connection would just hang when trying to connect.  Telnet connections were still working fine, so it probably isn't a network stack issue.

 

looking at the syslog data (which I don't have saved from *that* iteration) there were some complaints about some corruption on the filesystem of the USB device.

 

I spent some time trying to get the server to become accessible again before giving up and "starting over" by formatting a new USB stick with a default unRAID install.

After reformatting I created a new array using just the 2 2TB green drives, one as parity and the other as a data drive.

 

After reconfiguring the array came up without issue and a parity check was started.

 

I had done pretty much zero customization of the settings from a default install.

 

I let that run over night.  The last time I refreshed the progress of the parity check it had about 181 mins left.

After more than that amount of time had passed I decided to refresh the progress window again and it was hung again.....

 

I have attached my syslog from this current cycle.

Reviewing it I notice some interesting/concerning activity.

 

Throughout the syslog I see events like:

Jan 24 14:55:24 Tower in.telnetd[3461]: connect from 41.239.223.22 (41.239.223.22)
Jan 24 14:55:27 Tower telnetd[3461]: ttloop: peer died: EOF
Jan 24 15:20:24 Tower in.telnetd[3562]: connect from 125.237.40.101 (125.237.40.101)
Jan 24 15:20:24 Tower telnetd[3562]: ttloop: peer died: EOF
Jan 24 15:37:17 Tower in.telnetd[3629]: connect from 92.99.132.165 (92.99.132.165)
Jan 24 15:37:17 Tower telnetd[3629]: ttloop: peer died: EOF
Jan 24 16:19:27 Tower in.telnetd[3802]: connect from 92.96.200.166 (92.96.200.166)
Jan 24 16:19:27 Tower telnetd[3802]: ttloop: peer died: EOF
Jan 24 16:25:56 Tower in.telnetd[3829]: connect from 94.59.250.245 (94.59.250.245)
Jan 24 16:25:56 Tower telnetd[3829]: ttloop: peer died: EOF
Jan 24 16:37:33 Tower in.telnetd[3876]: connect from 81.213.114.110 (81.213.114.110)
Jan 24 16:37:34 Tower telnetd[3876]: ttloop: peer died: EOF
Jan 24 16:43:43 Tower in.telnetd[3901]: connect from 88.228.34.124 (88.228.34.124)
Jan 24 16:43:44 Tower telnetd[3901]: ttloop: peer died: EOF
Jan 24 16:43:53 Tower in.telnetd[3904]: connect from 85.107.32.163 (85.107.32.163)
Jan 24 16:43:54 Tower telnetd[3904]: ttloop: peer died: EOF
Jan 24 16:43:57 Tower in.telnetd[3905]: connect from 78.179.184.243 (78.179.184.243)
Jan 24 17:01:11 Tower telnetd[3905]: ttloop: read: Connection timed out
Jan 24 17:07:04 Tower in.telnetd[4000]: connect from 78.80.91.38 (78.80.91.38)
Jan 24 17:07:05 Tower telnetd[4000]: ttloop: peer died: EOF

 

This server is set up with the default configuration (no name change, no root password change, etc)

Network address is being issued by DHCP and it is being provided a NATed address that has NO port-forwarding enabled.

Those IP addresses are from places like Nigeria, UAE, Egypt, Turkey ....That is HIGHLY suspicious to me, does anyone have ANY idea why I would be seeing these connections?

 

I'm using the custom ISO image that was posted in this thread with the filename unraid_4.6-vm_1.0.6.iso and MD5 hash 82962143AAC52908D34052FD74D73CF1

can anyone else confirm that that MD5 ISO hash is "safe" ?

 

Since I'm just working with disposable, non-sensitive test data I'm obviously not overly concerned with security at this point, but I *am* concerned as to why I'm seeing unexpected IP connections to/from suspicious foreign IP addresses.

 

Looking at the rest of the syslog does anyone have any clue why I am now unable to access the unraid server via the web interface?

 

What should my next steps be?

 

Any help is greatly appreciated...thanks!

 

Do you have your unRAID server open for the world to see? If you have no firewall, or telnet/ssh ports open to be attacked then you should expect problems. Especially if you have an insecure root password.

Link to comment
  • Replies 461
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

drdobsg Noob

drdobsg

Posted
Posted

SilntBob,

 

I would just double check on your router to see if any ports are forwarded to 192.168.1.103, or if it is set as the DMZ on your router.  Also, check to see if any ports were automatically forwarded via UPNP.  It is pretty common to see brute force telnet or even ssh attempts on the internet.  Unless your router has UPNP turned on, I can't see any way the Unraid image would be able to enable telnet port forwarding for you.  I would definitely fix that problem right away though.  Even though you aren't concerned about the data on the Unraid VM, once a hacker gets into that box it would have free range to the rest of your network.  I am extremely new to Unraid, and am just starting to test it out now, but I am shocked that telnet and a blank root password is the default install.

Link to comment
speeding_ant Community Regular

speeding_ant

Posted
Posted

Tom does say that unRAID isn't designed to have external access to the internet. It is designed to be a standalone box sitting in a basement, with internal access only. Root needs to be there by default, so there is always going to be a default password from install.

 

It would be a wise idea to add into the gui some sort of check. If password hasn't been changed by default, show warning. Maybe a javascript password strength checker next the the field box too?

Link to comment
SilntBob Noob

SilntBob

Posted
Posted

Network address is being issued by DHCP and it is being provided a NATed address that has NO port-forwarding enabled.

 

I wiped the config and started over....parity check completed, but I'm back to using LSI SAS driver vs. paravirtualized with the VM enhancements, etc.  I'm now booting straight from the USB with with plop.

 

 

Link to comment
SK Noob

SK

Posted
Posted

well, it doesn't take long before first hacking attempt for any device connected to internet. Few nat forwarded ports pinned in my home firewall regularly got connection/hacking attempts, ftp server constantly bombarded with login tries, even standard udp ports for my voip device been regularly probed from chinese provider IPs last time i checked. Also if new IP gets assigned from provider - who knows how it's been used before..

 

# md5sum unraid_4.6-vm_1.0.6.iso

82962143aac52908d34052fd74d73cf1  unraid_4.6-vm_1.0.6.iso

 

Btw for those interested - my unraid VM reports 111,341 KB/sec during parity check for 3 x 1TB Seagate 7200.12 drives.

Link to comment
mrmachine Apprentice

mrmachine

Posted
Posted

I've been following this thread (read the whole thing, twice) and spent days googling.

 

Ideally what I want to end up with is a stable machine with hardware as similar to the official or most commonly used hardware, that can run ESXi with a VM for unRAID (up to 10 disks, supports spindown), a VM for pfsense, and a VM for Windows 7 media centre (PCIe 16x Radeon 5670 in passthrough which has been reported to work, and Hauppauge 2250 PCIe 1x in passthrough) to run XBMC and watch/record free to air TV.

 

The C2SEA motherboard uses the ICH10 sata controller with 6 ports, so I'll need at least another 4 port controller to get 10 disks.

 

Can the ICH10 controller be used with the paravirtualised LSI driver under ESXi to pass individual drives to the unRAID VM with physical RDM and support spindown?

 

For the remaining drives, the only cheap options I've found are the AOC-SASL-MV8 which is useless under ESXi, and the LSI SAS3081E-R (or equivalent, Intel SASUC8I). But I think that this card definitely won't support spindown in ESXi with passthrough OR physical RDM OR when running on bare metal?

 

I could just put all my data disks on the onboard controller (to get spindown) and put the most frequently used disks (cache, parity ESXi boot/datastore) on the LSI controller, but I still have another problem.

 

The C2SEA has 1 x PCIe 16x, 1 x PCIe 4x, and 1 x PCIe 1x. The 16x will be taken by the Radeon 5670, the 1x will be taken by the Hauppauge 2250, leaving only a single 4x (and 2 PCI slots).

 

Will the LSI which I believe is an 8x card, work in a 4x slot? If so, will the performance hit be large?

 

Would the AOC-SAT2-MV8 PCI-X card running in a regular PCI slot be a better alternative? I'd only need 4 of the disks on it, and if it supports spindown I could put the least frequently simultaneously accessed data disks on there to minimise the performance penalty.

 

Or is there another 4 port PCIe 4x controller I can use that is supported by ESXi OR can be used with passthrough?

 

I read that the Adaptec 1430sa isn't supported by ESXi, but I'm not sure if that is only referring to native support, or if the card might work in passthrough mode?

 

Thanks to everyone for this gold mine of information, and to SK for his work on the unRAID drivers!

 

Link to comment
SilntBob Noob

SilntBob

Posted
Posted

mrmachine a couple of questions:

1) Why is the AOC-SASL-Mv8 useless under ESXi?  I just ordered one of these cards to try with my build....perhaps I shouldn't have, but I thought it was going to work....

2) What are you doing with the Radeon 5670 in an ESXi system?

 

I ended up going with the Asus P7F-E with my build....not sure yet if that was the best choice or not, but it is what I have:

http://www.newegg.com/Product/Product.aspx?Item=N82E16813131597&cm_re=asus_p7f-_-13-131-597-_-Product

 

 

I found and outdated iptables rule in my firewall that matched the DHCP assigned address of my UnRaid server....damn troubleshooting FW rules coming back to bite you in the ass down the road....

 

So I suspect that was likely the problem.  I've sense rebuilt (again) and I'm back to using the VM ISO.  I just have 3 drives running right now, but trying to figure out what will be the best controller to use to get beyond the 6 onboard ports (right now I have one in use for my ESXi datastore, but that will change in the future)

 

It is too bad unraid doesn't support the perc5i controllers.  Those things can be cheaply found on ebay and work great with ESXi

Link to comment
mrmachine Apprentice

mrmachine

Posted
Posted

mrmachine a couple of questions:

1) Why is the AOC-SASL-Mv8 useless under ESXi?  I just ordered one of these cards to try with my build....perhaps I shouldn't have, but I thought it was going to work....

2) What are you doing with the Radeon 5670 in an ESXi system?

 

1) Someone (or maybe more than one person) in this thread reported that it doesn't work with ESXi, either in passthrough OR physical RDM.

 

2) I don't want to run more machines than I need to. I want to run a VM with Windows 7 with the video card and TV tuner card in passthrough mode to replace another media centre box I have currently.

 

If running the AOC-SAT2-MV8 on a PCI slot is a bad idea, can anyone suggest an alternative motherboard which has 1x PCIe x16 slot (for the video card), 1x PCIe x1 slot (for the TV tuner card), at least one PCIe x8 slot (for future use) and at least one PCI-X slot (for the AOC-SAT2-MV8 right now)?

 

I've been searching, but almost all of the level 2 tested motherboards on the compatible hardware list are no longer available. I can't search newegg for motherboards with PCI-X slots specifically. Or is there another PCIe x4 sata controller that I can use in ESXi (that supports spindown)?

 

I've got 10 GB left on my current system, so I need to make a decision fast :)

 

Link to comment
SilntBob Noob

SilntBob

Posted
Posted

Okay...well, I guess I'll find out for sure in a few days whether or not I can get it to work in passthrough.  The card already arrived, but I'm waiting on the sas cables....if not, I might have a card for sale :)

 

I understand what you are doing with the vid card....I've been running ESX for so long (at work) that I can't seem to remember the concept that it could be used as a machine itself via passthrough.

 

seeing as you are in need, next time I power down to swap drives (in about 12hrs), I'll pop that AOC-SASL-MV8 into a slot.  I should at least be able to figure out if ESX is going to let me pass it to Unraid...I won't be able to tell you anything about how it performs with drives until next week, though.

Link to comment
mrmachine Apprentice

mrmachine

Posted
Posted

Just found this server board on Newegg.

 

http://www.newegg.com/Product/Product.aspx?Item=N82E16813182165

 

2 x PCIe 2.0 x16 slots

1 x PCIe x4 slot

2 x PCI-X slots

 

This should work with the video card, TV tuner card, leave me with a PCIe 2.0 x16 slot free for the future (if ESXi supports the AOC-SASL-MV8 one day), and I can use the AOC-SAT2-MV8 in the PCI-X slot right now. Oh and dual ethernet, so I can connect one directly to my ADSL modem and the other to my LAN (for the pfsense VM).

 

Just not sure about the motherboard chipset and SATA controller working with ESXi and supporting spindown?

 

Link to comment
mrmachine Apprentice

mrmachine

Posted
Posted

Take a look at this mobo.  In the reviews someone says they use it with ESX but I presume they mean ESXi.

It's got

PCIe x16: 2 slots

PCIe x4: 1 slot

PCIe x1: 1 slot

 

http://www.newegg.com/Product/Product.aspx?Item=N82E16813131655

 

No PCI-X slots, so unless I'm missing something, I'd be limited to the 6 onboard SATA ports until the Adaptec 1430SA or AOC-SASL-MV8 works in ESXi?

 

The AOC-SAT2-MV8 is the only 4+ port SATA controller card I've heard of that is confirmed to work under ESXi and supports spindown?

 

Also found this, which should work with cheaper, cooler CPUs that consume less power:

 

http://www.newegg.com/Product/Product.aspx?Item=N82E16813182143

 

And this board is explicitly listed on the whitebox hardware compatibility list for ESXi 4.0, too.

 

Link to comment
jortan Contributor

jortan

Posted
Posted

I too have been following this thread with interest and doing a lot of googling for an unRAID build using a Norco 4224 later this year.

 

I'm torn between setting up a low-power ESXI SAN using openfiler and unRAID and a separate ESXi box for VMs - or trying to get everything working in one box.  As I'm probably going to be using 3 PCI-E slots to get the openfiler/unRAID setup working (8 + 16 drives) a separate ESXi box would leave more room for tv tuner cards and other things, but something like this probably has enough space for everything.

 

I know that when a PCI device is passed through to a VM in ESXi, all other devices on the same bus are also passed through.  Is this an issue for PCI-e?  Are PCI-e slots (1x, 4x, 8x, 16x) always on their own bus? (is a "pci-e lane" a bus?)

 

I'm still confused about exactly what works and what doesn't with 1068e cards (passthrough, spindown/up, temperatures, serial numbers) - these seem to be the cheapest option so it would be nice to get these working properly.

Link to comment
SilntBob Noob

SilntBob

Posted
Posted

Official support for ESXi would be WONDERFUL.

 

I forgot that I would have to wait for WHS to migrate all of the content off of my 2TB drive before I could move it....

 

I installed the AOC-SASL-MV8, got it set up for pass-through and added it to the unraid VM...

 

Still no cables, so I don't have any drives attached and therefore can't tell you if they will be recognized and/or support spin-down, but at this point I haven't seen anything to indicate to me that it shouldn't work....

 

Link to comment
mrmachine Apprentice

mrmachine

Posted
Posted

Official support for ESXi would be WONDERFUL.

 

I forgot that I would have to wait for WHS to migrate all of the content off of my 2TB drive before I could move it....

 

I installed the AOC-SASL-MV8, got it set up for pass-through and added it to the unraid VM...

 

Still no cables, so I don't have any drives attached and therefore can't tell you if they will be recognized and/or support spin-down, but at this point I haven't seen anything to indicate to me that it shouldn't work....

 

 

Here's what nojstevens said about the AOC-SASL-MV8:

 

Bad news i'm afraid - it sees it, it boots, but during the boot process it scans the drives, i get the PSOD and have to reboot. 1 time in 10 it works, I can add disks to the array, but when I start the array it PSODs. It came with firmware .15N and i found new .21 firmware, applied it but same issue. If I boot direct from unRAID flash (i.e. not in VM) then it works great....

 

Hope you have better luck, then perhaps we can chalk it down to a motherboard incompatibility, and I might be tempted to try it instead of the AOC-SAT2-MV8 :)

 

Link to comment
SilntBob Noob

SilntBob

Posted
Posted

Well I put the card in and restarted the VM.  The machine is currently up, but for some reason UnRAID seems to have "forgotten" that I added a 3rd hard drive earlier.

 

Now it wants to start all over and re-initialize the drive that has already been filled.

 

I'm an UnRAID newb so I need to sit and look at the docs and figure out how to "force" the drive back into the array.  I'll be messing with that some tonight and see where I get.

 

Edit:  Okay...so the problem was related to a file system error on the flash drive that was preventing super.dat from being updated (or renamed).

Once the FAT was fixed, I was able to re-create the array like it is supposed to be, and it is now completing a parity check....the issue seems to be unrelated to the card.  

 

I had no issues with PSOD in ESXi....granted I've only booted the physical hardware once or twice with the card in, and no drives have been attached...so perhaps I've simply been lucky.

I'll be going through some power cycles and adding drives over the next few days, I'll let you know if I run into any issues, but for now it seems to be fine.

 

Can anyone comment on how I might best be able to utilize a card like this in my build:

http://www.newegg.com/Product/Product.aspx?Item=N82E16816110042

PIKE 1068E 8-port SAS RAID Card

 

any chance I'd be able to pass that directly in to UnRaid and have it work?

I mean, I'm willing to buy it and try it and let everyone know....but do I have any reason to get my hopes up?

Even if I can't pass it through, I'm assuming PVSCSI should work with this....any idea what to expect on spindown/temp?

 

Link to comment
SilntBob Noob

SilntBob

Posted
Posted

Being new to all of this, I'm trying to figure out if spindown is indeed working for my drives.

 

Looking at the web interface I see flashing green dots next to each of my drives.

Looking at the syslog, every 10-11 secs I see a record that it is spinning down the drives:

Jan 31 09:02:34 UnRaidServer kernel: mdcmd (12): spindown 0
Jan 31 09:02:34 UnRaidServer kernel: mdcmd (13): spindown 1
Jan 31 09:02:35 UnRaidServer kernel: mdcmd (14): spindown 2
Jan 31 09:02:46 UnRaidServer kernel: mdcmd (15): spindown 0
Jan 31 09:02:46 UnRaidServer kernel: mdcmd (16): spindown 1
Jan 31 09:02:46 UnRaidServer kernel: mdcmd (17): spindown 2
Jan 31 09:02:56 UnRaidServer kernel: mdcmd (18): spindown 0
Jan 31 09:02:57 UnRaidServer kernel: mdcmd (19): spindown 1
Jan 31 09:02:57 UnRaidServer kernel: mdcmd (20): spindown 2

 

based on all of this should I be confidently convinced that spindown is working or is there some additional checking that I need to do?

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing